👩💻 Splunk Commands: "rex" vs "regex" vs "erex"
https://www.linkedin.com/posts/soorinsec_splunk-regex-erex-activity-7205803413127761920-fBLY?utm_source=share&utm_medium=member_desktop
#Splunk #regex #rex
Soorin Team
Volatility specializes in analyzing memory dumps across various operating systems and enables us to explore the state of a system at the time of the memory dump.
• Running Processes
• Active Network Connections
• Loaded Drivers | DLLs
• Code Injections
• Malware Artifacts
• Executed commands
• Opened files
• and many more
#volatility
Soorin Team
GitHub: Release Volatility 3 2.7.0 · volatilityfoundation/volatility3
New plugins:
• windows.iat
• windows.truecrypt
• linux.library_list
• mac.dmesg
• Support for configuration files for common CLI options
• windows.driverirp: Report IRP entries that point inside a hidden mo...
This integration allows you to detect persistence techniques at the Windows level.
Credit: mohammad-mirasadollahi
#Splunk
Soorin Team
GitHub - Mohammad-Mirasadollahi/Splunk-TA-PersistenceSniper-Deploy: Automatically Deploy PersistenceSniper with Splunk Deployment Server
Hands-on projects designed to enhance your cybersecurity skills:
- Phishing Attack Investigation
- Malware Analysis and Containment
- Network Intrusion Detection and Response
- DDoS Attack Detection and Response
#IR
Soorin Team
GitHub - 0xrajneesh/Incident-Response-Projects-for-Beginners: Hands-on cybersecurity projects to enhance skills in phishing investigation, malware analysis, network intrusion detection, and DDoS attack response.
#cybersecurity #infosec #BlueTeam
Soorin Team
Demo of the first class session
held at Soorin
🕵🏻♂️ Instructor: Eng. Ahmadreza Norouzi
#splunk #SIEM
Soorin Team
A few very useful repositories for Red Team ⭐️ and Blue Team ⭐️
➡️ https://github.com/Purp1eW0lf/Blue-Team-Notes
➡️ https://github.com/boh/RedBlueNotes
➡️ https://github.com/CyberJunnkie/BlueTeaming-Notes
➡️ https://github.com/Hacking-Notes/BlueTeam
#RedTeam #BlueTeam
Soorin Team
GitHub - Purp1eW0lf/Blue-Team-Notes: You didn't think I'd go and leave the blue team out, right?
RCE via heap overflow and local privilege escalation in several VMware products.
👉 Dork: http.noscript:"ID_VC_Welcome" OR certificate.issuer.domain_component:"vsphere"
Vendor's advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
Soorin Team
The highlight command in Splunk is used to visually highlight specific terms or phrases in the search results displayed on the Events tab. Here's how it works:
#splunk #command #highlight
Soorin Team
https://www.linkedin.com/posts/soorinsec_playbook-runbook-dfir-activity-7210156907968266240-jFSg?utm_source=share&utm_medium=member_desktop
Soorin Team
Linkedin
#playbook #runbook #dfir #ir #soc #siem #blueteam | Soorin
In short, a playbook is a high-level plan that defines the strategy, while a runbook describes the specific actions to be taken to handle security incidents.
#playbook
#runbook
#dfir #ir #soc
#SIEM #blueteam
👩💻 Difference between Default and Local folder in Splunk
https://www.linkedin.com/posts/soorinsec_splunk-default-local-activity-7210259662208704513-8q5x?utm_source=share&utm_medium=member_desktop
Soorin Team
Linkedin
#splunk #default #local #اسپلانک #siem #soc | Soorin
#splunk #default #local #اسپلانک
#SIEM #SOC
📚Incident Response Projects for Beginners
Hands-on projects designed to enhance your cybersecurity skills:
- Phishing Attack Investigation
- Malware Analysis and Containment
- Network Intrusion Detection and Response
- DDoS Attack Detection and Response
🔗https://github.com/0xrajneesh/Incident-Response-Projects-for-Beginners
#IR
Soorin Team
GitHub - 0xrajneesh/Incident-Response-Projects-for-Beginners: Hands-on cybersecurity projects to enhance skills in phishing investigation, malware analysis, network intrusion detection, and DDoS attack response.
🕵🏻♀️Core Processes In Windows System
🔗 https://0xcybery.github.io/blog/Core-Processes-In-Windows-System
#windowos #core #process
Soorin Team
0xcybery.github.io
Core Processes In Windows System
This article aims to help you know and understand what normal behavior within a Windows operating system is.
💻 Difference between user-mode and kernel-mode
🔗https://www.geeksforgeeks.org/difference-between-user-mode-and-kernel-mode/
#windows
Soorin Team